<?phpinclude 'includes/config.php';if(isset($_POST['username']) && isset($_P

1. <?php
2. include 'includes/config.php';
3. if(isset($_POST['username']) && isset($_POST['password'])){
4. $username = sec($_POST['username']);
5. $password = sec(strtoupper(hash("whirlpool",$_POST['password'])));
6. $check = get_row("SELECT id FROM players WHERE Name='$username' && Password='$password'");
7. if(isset($check['id'])){
8. $banned = get_row("SELECT * FROM banuri WHERE Nume='$username'");
9. if(isset($banned['id'])){
10. if($banned['BanaP'] == 0){
11. $err = 'Eşti banat permanent.';
12. }else{
13. $err = 'Eşti banat până la data de '.$banned['BanzP'].'.'.$banned['BanlP'].'.'.$banned['BanaP'].' '.$banned['BanoP'].':'.$banned['BanmP'];
14. }
15. }else{
16. $_SESSION['username'] = $_POST['username'];
17. $_SESSION['password'] = $password;
18. mysql_query("UPDATE players SET rpgon=2 WHERE Name='$username'");
19. header('location: index.php');
20. }
21. }else{
22. $err = 'Numele de utilizator ori parola incorecte.';
23. }
24. }
25.  
26. include 'includes/header.php';
27.  
28. ?>